Amendment and Response under 37 C.F.R. 1.116 

Applicant: Keith Hoene et al. 

Serial No.: 09/887,816 

Filed: June 25, 2001 

Docket No.: 10007759-1 (H303.210.101) 

Title: SYSTEM AND METHOD FOR COMPUTER NETWORK VIRUS EXCLUSION 

IN THE CLAIMS 

Please cancel claims 4-6, 8-10, 12-15, 17, 20, 22-23, and 26-27. 
Please amend claims 1, 7, 11, 16, 19, 21, and 24-25 as follows: 

1 . (Currently Amended) A method of network computing: 

using a virus monitor of a server with a virus monitor to identify at least one client 
computer that is susceptible to a virus by verifyin g, directly betw een the at least one client 
computer and the virus monitor of the server, that the at least one client computer has 
comprises at least one of 

a first combination of a client-server connection and a disabled status of a virus 
protector of the at least one client compute r, the disabled status being verified via a direct 
status query from the virus monitor of the server to the at least one client computer; and 

a second combination of an attempted client-server connection and a non-enabled 
status of the virus protector of the at least one client computer, the non-enabled status being 
verified via the at least one client computer failing to report enabled virus protection to the 
virus monitor of the server at the time of the attempted clie nt-server connection; and 

automatically isolating the at least one client computer from the server and from a 
computing network connected to the server by at least one of automatically terminating the 
client-server connection for the at least one client computer having the disabled status of the 
virus protector and automatically preventing the attempted client-server connection for the at 
least one client computer having a non-enabled status of the virus protector. 

2. (Currently Amended) The method of claim 1 wherein using a virus monitor of a 
server comprises: 

scanning the at least one client computer with a virus monitor of at least one of the 
server and the at least one client computer. 

3. (Currently Amended) The method of claim 1 wherei n automatically isolating the at 
least one client computer comprises: 

tracking a client identifier of the at least one client computer; and 
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preventing the client-server connection and a network communications between the at 
least one client computer relative to the computing network. 

4-6. (Canceled) 

7. (Currently Amended) A method of maintaining a virus-controlled network computing 
system comprising: 

booting at least one client computer to establish a client-server connection with a 
server for limited access and to perform a scan by the at least one client computer of the at 
least one client computer for a virus , including the server establi shing the client-server 
connection only when the at least one client computer includes a virus pro tection program in 
an enabled mode ; 

reporting the results of the virus scan from the at least one client computer to the 
server; and 

selectively pcrmittin g enabling the at least one client computer general authorized 
access to the server through the client-server connection when the virus scan report detects no 
viruses and denying the at least one client computer access to the server when no valid virus 
report is provided by the at least one client computer; 

querying the client periodically to determine if the virus protector of the at least one 
client computer remains enabled; and 

terminating the client-server connection if the virus defini tions of the virus protector 
of the at least one client computer have not been updated within a specified date criteria of 
the server. 

8-10 (Canceled) . 

1 1 . (Currently Amended) A method of preventing network virus migration within a 
network comprising: 

monitoring a virus susceptibility of each client computer of the network to identify at 
least one virus susceptible client computer based on at lca3t one of directly verifying that 
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whether a virus protector of the client computer is enabled and tha twhothcr the client 
computer provides a server of the network with a valid virus scan report; a**d 

tracking an address of each virus-susceptible client computer and at least one of 
preventing a client-server connection between each virus-susceptible client computer and the 
server and terminating a client-server connection between eac h virus-susceptible client 
computer and the server; and 

establishing a quarantine of each virus-susceptible client comp uter to prevent farther 
client-server connections by each quarantined virus-susceptible client computer. 

12-15. (Canceled) 

16. (Currently Amended) A virus exclusion network system comprising: 
a client computer including; 

a controller; and 

a virus protector configured for detecting and eradicating vir uses on the client 
computer, for maintaining real-time virus protection, for p roducing an up-to-date virus scan 
report to confirm that the client computer is virus-free and that the virus protector is up-to- 
date, and for producing a notification that the virus pr otector is enabled; 

a network server including a virus monitor configured for preventing an attempted 
authorized network connection between the client computer and the server when the client 
computer fails to produce , at the time of the attempted authori zed network connection, at 
least one of a report of an up-to-date virus scan of the client computer and a 
Qonfirmatio n notification of enablement of the virus protector of the client computer. 

17. (Canceled). 

1 8. (Original) The system of claim 1 6 wherein the virus monitor of the server further 
comprises: 

a virus protector for scanning the client computer and files written by the client 
computer. 
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19. (Currently Amended) A server comprising: 
a controller; 

a virus monitor including: 

a virus protector with a scanning function; 

a virus definition source; and 

a quarantine monitor configured for: 

preventing a client-server connection for at least one virus-susceptible 
client computer, by direc^ vcrifyin g verification between the q uarantine 
monitor and the at least one virus-susceptible client computer, that the at least 
one virus-susceptible client computer has at least one of a disabled virus 
protector and a lack of a virus protector; and configured for 

tracking an identity of the at least one virus-susceptible client computer 
to prevent future attempted client-server connections when the at l east one 
virus-susceptible client computer has a tendency to have a disabled virus 
protector or lack of a virus protector . 

20. (Canceled) 

21 . (Currently Amended) A computing network virus monitor comprising: 
a virus protecto r including a virus identifier ; 

a quarantine monitor including a blocking mechanism configured for signaling the 
server to preventing network communications between * e a server of a network and 
originating from each client computer tha t has a tendency to be 4s virus-infected or to befeat 
is virus-susceptible by having at least one of a disabled virus protector and a virus definition 
set that is not up-to-date, and configured for trackin g, via a client computer identifier, an 
identity of each virus - infected client compute r and each viru3 susceptible client computer 
having a tendency to be virus-infected or virus-susceptible enable activation of the blocking 
mechanism. 

22-23. (Canceled) 
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24. (Currently Amended) A computer-readable medium having computer-executable 
instructions for performing a method of preventing network virus migration within a network, 
the method comprising: 

monitoring a virus susceptibility of each client computer of the network to identify at 
least one virus susceptible client computer based on at loo3t one of directly verifying that 
whether a virus protector of the client computer is enabled and thatwhether the client 
computer provides a server of the network with a valid virus scan report; and 

tracking an address of each virus-susceptible client computer and at least one of 
preventing a client-server connection between each virus-susceptible client computer and the 
server and terminating a client-server connection between eac h virus-susceptible client 
computer and the server; and 

establishing a quarantine of each virus-susceptible client com puter to prevent further 
client-server connections by each quarantined virus- susceptible client computer. 

25. (Currently Amended) A computer-readable medium having computer-executable 
instructions for performing a method of network computing, the method comprising: 

using a virus monitor of a server with a virus monitor to identify at least one client 
computer that is susceptible to a virus by verifying, directly between the at least one client 
computer and the virus monitor of the server, that the at least one client computer has 
comprises at least one of: 

a first combination of a client-server connection and a disabled status of a 

virus protector of the at least one client compute r, the disabled status being verified 

via a direct status query from the virus monitor of the server to th e at least one client 

computer; and 

a second combination of an attempted client-server connection and a non- 
enabled status of the virus protector of the at least one client compute r, the non-enabled status 
being verified via the at least one client computer failing to report ena bled virus protection to 
the virus monitor of the server at the time of the attempte d client-server connection; and 

automatically isolating the at least one client computer from the server and from a 
computing network connected to the server by at least one of automatically terminating the 
client-server connection for the at least one client computer having the disabled status of the 
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virus protector and automatically preventing the attempted client-server connection for the at 
least one client computer having a non-enabled status of the virus protector. 



26-27. (Canceled) 



